Releases: eclipse-sw360/sw360
Releases · eclipse-sw360/sw360
sw360-20.0.0-beta
sw360-20.0.0-beta
This is a beta release for the next major version 20.0.0 of SW360. The release includes numerous features, corrections, and improvements over the previous release 19.2.0.
This release serves as a preview of the upcoming major version 20.0.0 for testing and should not be used in production environments.
Highlight of the changes includes:
- Various vulnerabilities and security fixes.
- More endpoints created for the support of new UI project.
- Improvements on KeyCloak sync and user management.
Credits
The following GitHub users have contributed to the source code since the last release (in alphabetical order):
> Achal Jhawar <[email protected]>
> bibhuti230185 <[email protected]>
> Bibhuti Bhusan Dash <[email protected]>
> deo002 <[email protected]>
> dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
> Farooq Fateh Aftab <[email protected]>
> Gaurav Mishra <[email protected]>
> harshitg927 <[email protected]>
> Himanshu A Garode <[email protected]>
> Kaushlendra Pratap <[email protected]>
> Keerthi B L <[email protected]>
> Mohamed Hanafy <[email protected]>
> Nikesh kumar <[email protected]>
> nikesh <[email protected]>
> pranayh24 <[email protected]>
> Rajnish Kumar <[email protected]>
> Rudra Chopra <[email protected]>
> Sameed Ahmad <[email protected]>
> sathwik-y <[email protected]>
> suvrat1629 <[email protected]>
Please note that also many other persons usually contribute to the project with
reviews, testing, documentations, conversations or presentations.
Features
080b277bbfeat(importCDX): enhance importer VCS sanitizationc87d2c6b2feat(vuln): pagination on vulnerabilities endpointd588c924dfeat(project): use DB side pagination46cc985bdfeat(component): use DB side pagination13a9c716afeat(datahandler): prepare for paginated queries0ba6dd02efeat(docs): add other response types in docse4103eb3efeat(keycloak): set externalId on sync85986c781feat(Keycloak): Enhance user synchronization with batch processing and retry logice01a4e9f6feat(core): introduce quick search functionality for vulnerabilities59f5c49fdfeat(config): add old UI configs44e6f563ffeat(config): move more configs to DB64158b1bdfeat(rest): new Security user role.7be4e0675feat(Release): Need createdBy field for list of releases under a componentb25398586feat(Release) : Automate_check_for_Source_Code_Download_URL_1650178743477feat(rest): endpoint to get fossology connection configuration data.310434d5efeat(obligation): add field comparatorsa75e59bbbfeat(rest) : QuickFilter for Obligation pagebcf5141a7feat(rest) : Completed code for advance-search for packages3b929a059feat(Rest): Advance search for packages3ca1d5b6efeat(rest): add SBOM file validation for SPDX and CycloneDX formatsbbb4c6c01feat(rest): endpoint to get src file list for the licences.24d9d7df8feat(keycloak): allow thrift loc to be configured1480c0c75feat(rest): add additional fields to clearing request endpoint.c4b541310feat(rest): getting license info from release attachment's content id.d1a51acfafeat(rest): download users endpoint in CSV formatb9be6bacefeat(test): add test for invalid /mergeComponent93928eeabfeat(component): validate merge selection2086cf14dfeat(Rest): adding filter search in license clearing get endpoint.d7a6e4d28feat(ECC): Add field containsCryptography in Release ECC-Backend35aa150ebfeat(rest): fossology attachment configs to API85e406126feat(rest): added AttachmentCleanUpControllerTesteae223d9afeat(rest): added search API integration testsf5493594ffeat(rest): added tests for ecc rest endpoints
Corrections
d07f0d922fix(rest): add documentation for license types usage in admin view.37c9a5951fix(resource): no config read at init1e63f38dcfix(test): disable ssl health endpoint not used999eccda1fix(xss): test for null value for stripc75442858fix(spring): upgrade to 3.5.3 from 3.3.382e16b696fix(rest): add license type usage check and restructure delete API response8fe11c797fix(rest): add vendor existence validation in getReleases endpoint18ac76e0cfix(rest): handle missing component ID with 404 response.176a70f56fix(release): throw appropriate exceptionsde970cafdfix(rest): add endpoint to merge two releases.34ff1494efix(controller): fix access for SECURITY_USER7722ae9b0fix(component): skip should accept URLs3831b8a06fix(Rest): Only admin users can delete license types in the admin license tab.a6dec7574fix(svm): SVMSyncHandler dont return loop547611a75fix(rest): fix permission check48893d23aFix(Rest): Add quick search for license type.f1ec624adfix(bug): Fixed pagination at projects table (#3069)6f6eb2021Add proper self-link with project ID in licenseClearing endpoint (#3135)7a2680b80fix(rest) : Missing request param for downloadlicenseinfo report5432c35cdfix(components): read id for ComponentDTOaa2ca47effix(component): ComponentDTO for /splitcomponenta249b7ef1fix(component): read list of attachments for mergeab5c62292fix(rest): improve error messages for invalid SBOM file imports4e26b0553fix(cloudant): upgrade to 0.10.3 to fix gson issuef55dd3b5ffix(components): allow field createdBy43c5d1de9fix(deps): add com.sun.mail:jakarta.mail:2.0.1348337a8ffix(spdx): fix deps for spdx-library v2c8a756b10fix(sw360UserGroup): add missing CLEARING_EXPERTcdc2b5dcdfix(Security) : KeyCloak integration #3087f0f6ac7d6fix(backend): fix FossologyConfig2bfa0ae41fix(fossology): fetch download timeout from ConfigContainer repository68236f17dfix(docs): update scripts/utilities/README.md Documentation (#3066)586bdc3bbfix(project): return updated releasesbdf7648f8fix(docs): fix OpenAPI docs /fossology/saveConfig
Infrastructure
cce5b2cf9chore(release): 20.0.0 beta release4461e9ee1chore(deps): bump org.dom4j:dom4j from 2.1.4 to 2.2.00f9a61592chore(deps): bump step-security/harden-runner from 2.12.1 to 2.12.2d52f78f2cchore(deps): bump github/codeql-action from 3.29.1 to 3.29.22f76f4fc9chore(deps): bump org.apache.maven.plugins:maven-gpg-plugin3ddcf3e74chore(deps-dev): bump nl.jqno.equalsverifier:equalsverifierd1a9ce73achore(deps): bump keycloak.version from 26.2.5 to 26.3.0852f097f8chore(deps): bump tomcat fromd2f9bdcto5ea8fbd49d03be83chore(deps): bump maven fromd9f3089to615bd388bd566560perf(vuln): use views instead of mango query7ca79f030chore(rest): paginate users endpoint on DB4ee6294b9docs(controller): responses for /licensetype/usagee72f8207achore(deps): bump maven from3a4ab32tod9f30891724114c4chore(deps): bump github/codeql-action from 3.29.0 to 3.29.194d5ee4fdchore(deps-dev): bump nl.jqno.equalsverifier:equalsverifierdd8fe8decchore(deps): bump org.springframework.security:spring-security-oauth2-authorization-serverb7fc0e8a5chore(deps): bump log4j2.version from 2.24.3 to 2.25.03d4f3d68bchore(deps-dev): bump net.bytebuddy:byte-buddy from 1.17.5 to 1.17.6384f0c4d7chore(deps): bump spring-security.version from 6.5.0 to 6.5.1df8addc43chore(deps): bump docker/setup-buildx-action from 3.10.0 to 3.11.1ea9e7ab95chore(deps): bump tomcat fromf55695ftod2f9bdc64ef2aacfchore(deps): bump org.wiremock:wiremock from 3.13.0 to 3.13.1dccbe71fdchore(deps-dev): bump nl.jqno.equalsverifier:equalsverifier930c7b33dchore(deps): bump springdoc-openapi-stater-common.versionee35897bachore(deps): bump jackson.version from 2.19.0 to 2.19.176464f7bachore(deps): bump github/codeql-action from 3.28.19 to 3.29.0388c0b024chore(deps): bump step-security/harden-runner from 2.12.0 to 2.12.1d4814d4ddchore(deps): bump org.springframework:spring-web from 6.2.7 to 6.2.872787f9c2chore(deps): bump org.codehaus.mojo:build-helper-maven-plugin849b1bbcachore(deps): bump com.ibm.cloud:cloudant from 0.10.3 to 0.10.40bd9c6bd3chore(deps): bump github/codeql-action from 3.28.18 to 3.28.1998be9010bchore(deps): bump maven from933900dto3a4ab325bb6a9c5cchore(deps): bump tomcat from8058582tof55695f09ababc26chore(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2d6f94b768chore(deps): bump docker/build-push-action from 6.17.0 to 6.18.039d02c7acchore(deps): bump keycloak.version from 26.2.4 to 26.2.52f537d19achore(deps): bump io.github.git-commit-id:git-commit-id-maven-plugin24f1e19f8chore(deps): bump org.mockito:mockito-core from 5.17.0 to 5.18.06c06523dbchore(deps): bump org.apache.httpcomponents.client5:httpclient5c2bfc63c2chore(deps): bump spring-security.version from 6.4.5 to 6.5.09b3c09f76chore(mail): update MR email to include docname5dd802ff4chore(mail): added more information to the mails57f5de1a2chore(deps): bump actions/dependency-review-action from 4.7.0 to 4.7.1cfcc346f6chore(deps): bump docker/build-push-action from 6.16.0 to 6.17.0c7bc2e410chore(deps): bump github/codeql-action from 3.28.17 to 3.28.184719c400achore(deps): bump tomcat from7edbb52to8058582e51667a87chore(deps-dev): bump nl.jqno.equalsverifier:equalsverifier61e34e9b6chore(deps): bump org.json:json from 20250107 to 2025051767e95b77achore(deps): bump springframework.version from 6.2.6 to 6.2.7c9252e8b1...
sw360-19.2.0
sw360-19.2.0
This minor release includes numerous features, corrections, and improvements across the SW360 project since the 19.1.0 release.
Highlight of the changes includes:
- Various vulnerabilities and security fixes.
- Unified/simplified REST API error response with Exceptions.
- New endpoint to get and update SW360 config (also making it possible to update on fly).
- Multitude of REST API endpoint improvements and additions.
linux/amd64andlinux/arm64multi-arch docker image support.
Credits
The following GitHub users have contributed to the source code since the last release (in alphabetical order):
> Akshit Joshi <[email protected]>
> Bibhuti Bhusan dash bibhuti230185 <[email protected]>
> dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
> duonglq-tsdv <[email protected]>
> Farooq Fateh Aftab <[email protected]>
> Gaurav Mishra <[email protected]>
> Helio Chissini de Castro <[email protected]>
> hoangnt2 <[email protected]>
> Keerthi B L <[email protected]>
> mishraditi <[email protected]>
> Mohamed Hanafy <[email protected]>
> Nikesh kumar <[email protected]>
> Rudra Chopra <[email protected]>
> Sameed <[email protected]>
> Shi Qiu <[email protected]>
> Shushant <[email protected]>
> Smruti Prakash Sahoo <[email protected]>
Please note that also many other persons usually contribute to the project with reviews, testing, documentations, conversations or presentations.
Features
2d51a3097feat(exception): replace deprecated exceptionf133b896dfeat(Configurations): Add new endpoints that allow to GET/UPDATE SW360 configurations5fa3afec1feat(version): generate OpenAPI doc version on flyd8f6b01d8feat(Department): Add new endpoints: - Get/Update department members - Get importing department's log file list and contentedec79367feat(addNewComponentType) : Added new component type COTS-Trusted Suppliere464254befeat(rest): Added tests for upload and download componentsd8393a319feat(rest): Added endpoints to fetch schedule service statusa1a01c89dfeat(rest) : Endpoint for export SBOM at project detail pagef15fd779afeat(script): read host, user and pass as args8d5a77ee7feat(rest): new rest endpoint for edit obligation65db380b9feat(project): add new values to project state field8c17597a4feat(exportCDX): update CycloneDX exporter dependency from v1.4 to v1.6a84a42b48feat(rest): Count of attachments used in different projects.f40e72c3cfeat(rest): create new endpoint for bulk delete function927da5a54feat(rest) : Search for vendors added.45a53b4e2feat: Add multiarch for docker image6373bed28feat(rest) : Comment added to reuse methods for Duplicateobligation functionalitye764a5823feat(rest): endpoint to merge vendor.4bab8d07afeat(User): Add 2 new endpoints: - Allow Admin user to update user - List all existing department2d0664f2ffeat(rest) : Advanced Search for project pagef15ccd798feat(rest): standardize POST response to include created entity IDc273f1925feat(rest): create new endpoint to delete ModerationRequests by id.be7606f32feat(rest): create new enpoint to upload component csv file.068385703feat(api): complete advance search for components
Corrections
1b92b5135fix(spdx): add null and empty field checks for SPDX documents2d1ace631fix(ci): set min version of CMake to 3.51cb9e8f4efix(test): fix test cases for correct exceptions4cba33716fix(controller): fix further changes after rebaseeb73f32c4fix(Obligations): includes ObligationLevel in get all obligations responsesb0d1be0d0fix(security): remove WebSecurityCustomizer991eb8f0afix(xss): ignore essential headers from XSS filter00d3cb129fix(project): set fields getLicenseObligationDataef153bce9fix(obligation): fix obligation patch5f6796ee6fix(rest) : Advancesearch(AdditionalData) for project page with value based search9daf29b74fix(Project): Resolve issue with embedded type in project release response when length is 0e415d05a4fix: Set docker main and development image9038d8dd2fix: Adjust copyrights and licenses properly72dbb8c72fix(projectService): fix user role check18193631bfix(rest): Add license information linking for project releases.5336aea47fix(script): fix addUnsafeDefaultClient.sh script00b552d58fix(SPDXDocument): Fix bug add SPDX document always return faild4c0f913cfix(Token): Fix bug authentication by user token not working5b3535a9bfix(project): add more null checks for attachments0e9052f23fix(project): null check at /summaryAdministration840fa9740fix: Adjust sw360 container build for external thrifte378da720fix(Admin): fix OAuth Client deserialization and database operationscb52c1ad6fix(Rest): Create new endpoint to activate the department manually.4adc4a268fix(rest) : Add licenseInfoHeaderText in summaryAdministration api responsecadc213e9fix(rest) : Moderation update overwrites previous fieldsd3aeefc6dfix(Attachment): Make get attachment endpoints of component/release/project consistent - Allow updating project/component/release with attachment data (in a consistent way)48f9159bbfix(Rest): new endpoint will help to get the package details by projectId.fbea70a91fix(rest): Added packageIds in project create and update APIs.886ad473cfix(Rest): Updated the REST endpoint to schedule the upload of release component attachments.975e30f49fix(importCDX): Add logging for null metadata in sbom.41ea54857fix(licenseinfo): Corrected the Open Source title in TEXT format to match DOCX format6ba3bf675fix(rest): Prevent stored XSS5365f10b8fix(component): add null check for release mergeb91d3ad10fix(rest): Added code to get obligation releaseView data in project.bbd7a4361fix(Rest): License overview is not updating in summary page.eeb3c86d4fix(rest): fix doc for ModerationRequestController663ac8377fix(rest): Validate comment message while create a moderation request.6dbec3601fix(rest): adding additional fields to attachmentUsage endpoint.325cf0ef5fix(deps): Deprecate old commmons-lang library75d3748ccfix(cloudant): fix structure of elemMatch queryaadf18948fix(report): refactor /reports endpoint20d02c954fix(doc): fix OpenAPI docs for report controller73726c45efix(moderation): fix moderation creation1cd3739bdfix(rest) : modified attachment info in response to the moderation request rest api1e1c5c1d0fix(rest): Added code for for updating multiple project attachments.c8b27567ffix(rest) : Closed Project functionalities not uniform with respect to UI and REST
Infrastructure
57827d8edchore(deps): bump org.jacoco:jacoco-maven-plugin from 0.8.12 to 0.8.139bfa90129chore(deps): bump com.tngtech.jgiven:jgiven-maven-plugin30d5f61abchore(deps): bump org.apache.maven.plugins:maven-surefire-plugin40a22ede4chore(deps): bump poi.version from 5.4.0 to 5.4.1fad1b859achore(deps): bump step-security/harden-runner from 2.11.0 to 2.11.1f73f40dc4chore(deps): bump actions/dependency-review-action from 4.5.0 to 4.6.09f208baf0chore(rest): rework exceptionsb14bf4058chore(deps): bump github/codeql-action from 3.28.12 to 3.28.135387e3fcdchore(deps): bump maven from70591cbtof1e4a8587806a5aechore(deps-dev): bump nl.jqno.equalsverifier:equalsverifier5a3acda61chore(deps): bump springdoc-openapi-stater-common.versionb15710833chore(deps): bump org.apache.httpcomponents.client5:httpclient50cded8b31chore(deps): bump org.ow2.asm.version from 9.7.1 to 9.8d2de95f47chore(deps): bump httpcore5.version from 5.3.2 to 5.3.4b0e52e4f6chore(deps): bump org.mockito:mockito-core from 5.15.2 to 5.16.12a1ea1952chore(deps-dev): bump com.tngtech.jgiven:jgiven-junit350a8db21chore(deps): bump com.google.guava:failureaccess from 1.0.2 to 1.0.3b4b475444chore(deps): bump org.apache.maven.plugins:maven-compiler-plugin197ed98b4chore(deps): bump springframework.version from 6.2.4 to 6.2.58c87ab4edchore(deps): bump actions/cache from 4.2.2 to 4.2.3403020e2bchore(deps): bump actions/upload-artifact from 4.6.1 to 4.6.24809763e4chore(deps): bump github/codeql-action from 3.28.11 to 3.28.123ac6ea7dfchore(deps): bump org.springframework.security:spring-security-crypto64a8742a7doc(sbom): add allowable SBOM export types40c061cdfchore(controller): fix typo in endpoint namedfe68e180chore(deps): bump docker/login-action from 3.3.0 to 3.4.0712d613edchore(deps): bump org.springframework.security:spring-security-oauth2-authorization-server1b05c7addchore(deps): bump com.ibm.cloud:cloudant from 0.10.0 to 0.10.21ac13a85achore(deps): bump keycloak.version from 26.1.3 to 26.1.4dff3a99d9chore(deps): bump springframework.version from 6.2.3 to 6.2.4fc4910ec0chore(deps): bump org.cyclonedx:cyclonedx-core-java38e0f199achore: Add push docker tag capability4e424695brefactor(rest): enhance logging and error handling in FossologyRestClient79beaf846chore(deps): bump docker/build-push-action from 6.13.0 to 6.15.0ac0cf9887chore(deps): bump docker/metadata-action from 5.6.1 to 5.7.0341fad29bchore(deps): bump docker/setup-buildx-action from 3.9.0 to 3.10.0c442800bdchore(deps): bump github/codeql-action from 3.28.10 to 3.28.111b2c6f8f8chore(deps): bump tomcat from0530899to1374a56344b6995fchore(deps): bump slf4j.version from 2.0.16 t...
sw360-19.1.0
sw360-19.1.0
This minor release includes numerous features, corrections, and improvements across the SW360 project since the 19.0.0 release.
Highlight of the changes includes:
- Various vulnerabilities and security fixes.
- Multiple new REST API endpoints.
- Improvements on SBOM and CDX import.
Credits
The following GitHub users have contributed to the source code since the last release (in alphabetical order):
> Afsah Syeda <[email protected]>
> Akshit Joshi <[email protected]>
> Arun Azhakesan <[email protected]>
> dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
> duonglq-tsdv <[email protected]>
> Gaurav Mishra <[email protected]>
> Helio Chissini de Castro <[email protected]>
> hoangnt2 <[email protected]>
> Keerthi B L <[email protected]>
> nikesh kumar <[email protected]>
> Rudra Chopra <[email protected]>
> Sameed <[email protected]>
> Smruti Prakash Sahoo <[email protected]>
> StepSecurity Bot <[email protected]>
> tuannn2 <[email protected]>
Please note that also many other persons usually contribute to the project with reviews, testing, documentations, conversations or presentations.
Features
2133694fafeat(rest) : Export Project Create Clearing Request36df4a611feat(spdx): Add API for feature SPDX Document tab719165516feat(rest): endpoint to get license info header text.c64470ff8feat(rest): Add documentation for new clearing size parameter.e02307383feat(rest) : Rest end point for project ECC Export Spreadsheet9cd8646c1feat(Component): Add new endpoint that allows user to subscribe and unsubscribe to a componenta3edc6ceefeat(Release): Add new endpoint for release subscription8d6315f31feat(FossologyTrigger): stop repetitive entries of attachment.3a48426c9feat(ImportCDX):Handle redirection of VCS URLs in SBOMbe8d94046feat(rest): Create new api's in schedule tab.f41b8927dfeat(importCDX): Add functionality to configure release creation when importing SBOM to an existing projectddec17e5dfeat(rest): Add size parameter to clearing request.be032e39cfeat(importCDX): enhance CDX importer to sanitize VCS URLs for non-GitHub domains646c4e1bbfeat(Project): Create new endpoint that allow to duplicate project with network68c1fb737feat(Release): Add new endpoint to check cyclic links between releases9b32525a3feat(Project): Add new endpoint that allow to compare project network with default network108ba6700feat(Project): Add new endpoint to fetch linked releases of linked projects067f9135bfeat(Release): Add new endpoint that allow to get linked releases of release466a8c6d7feat(Project): Create new endpoint that allow to get linked releases in dependency network of a project75e3bc899feat(rest): Add endpoint to handle updation of clearing requests.7bcedef6afeat(rest): endpoint to remove orphaned obligations from project.fa17c2fedfeat(rest): delete a vendor by id.453eff793feat: Add default user/pwd to couchdb connectione81031333feat: Add default admin user if database is emptyf98db4ff4feat(rest): Add pagination to get clearing requests endpoint and fix 403 forbidden error33012fdc2feat(REST):fetch releases that are in NEW_CLEARING state and have a SRC/SRS attachment using parameter isNewClearingWithSourceAvailable2621657cdfeat: Add logging to identify releases with corrupted attachments during license generation73d0576c7feat(rest): endpoint to get list of obligations depending upon obligation level.24b71c5e6feat: Update README.md with openssf scorecard badge
Corrections
802013389fix(openapi)!: add health endpoint to openapib39c71b5bfix(Cloudant): Fix Cloudant document creation error by setting id and rev to null instead of empty string during Java object conversionda677a677Revert "fix(importCDX): Resolved unnecessary update of component fields"8f9859955fix(docs): fix OpenAPI docs8164a1f48fix(rest): Fixed the reference to wrong db for oauthclients4918ecd85fix(test): Remove unused invalid entries7c4b647e9fix(test): Remove unused invalid entriesac410370cfix: Enable back client libraryc41cdedfcfix: Ignore SECURITY.md on license checkffd83c62ffix(Project): Add missing properties in network response849284e3bfix(Project): Unset unnecessory data before store network into database87bdf001efix(test): enable unauthorized request test519496118fix(Project): Fix vulnerability: Information exposure through an error message48eb7437efix(User): Fix XSS vulnerability due to a user-provided value89e67b7e9fix(Rest): component attachment deletion while updating externalIdsc35e05fbdfix: Create sw360oauthclients database9cfb2c16dfix(rest): Enhance the acceptRequest method to see the proposed changes in project/component/release pages.342145702fix: Restore target for Dockerfilee18227af9fix: Remove spotless dead codeec6d2bc18fix: Adjust pinned dependencies on Dockerfile73e682053fix: Update POI code to modern versiona2734ca50fix(StepSecurity): Apply security best practices
Infrastructure
8a0793ed5chore(deps): bump org.apache.maven.plugins:maven-gpg-plugin06426f8bbchore(deps): bump keycloak.version from 26.0.6 to 26.0.7385a8bc74chore(deps): bump tomcat from7ebc6c3to935ff51d24a5c32achore(deps): bump github/codeql-action from 3.27.6 to 3.27.9e38177ad1chore(deps-dev): bump com.tngtech.jgiven:jgiven-junit7277d0815chore(deps): bump org.apache.maven.plugins:maven-javadoc-plugine424549f5chore(deps): update wiremock to 3.10.0e35110da8chore(deps): use updated wiremockc5cbf16f4chore(deps): bump org.apache.httpcomponents.client5:httpclient5d59b81243chore(deps): bump actions/cache from 4.1.2 to 4.2.0e15aa510cchore(deps): bump maven from9ae8f00to85d505f97c483c04chore(deps): bump net.minidev:json-smart from 2.4.10 to 2.5.1862a08e73chore(deps): bump maven fromf401172to9ae8f00e0bec4851chore(deps): bump commons-io:commons-io from 2.17.0 to 2.18.0668953ad0chore(deps): bump org.mockito:mockito-core from 2.28.2 to 5.14.2684e0703cchore(deps): bump maven from5a44dfftof401172b80aaa302chore(deps): bump tomcat from2ade2b0to7ebc6c339bb1e985chore(deps): bump ubuntu from35b7fc7to80dd3c3f24cbc910chore(deps): bump github/codeql-action from 3.27.5 to 3.27.60db57d021chore(deps): bump ubuntu from278628fto35b7fc7db32f3bb8chore: Remove cache from java-setup action03dda4438chore(deps): bump org.codehaus.mojo:versions-maven-plugin2a4c3c3a6chore(deps): bump org.apache.maven.plugins:maven-assembly-plugin92f05513fchore(deps): bump org.apache.maven.plugins:maven-resources-plugin1c3aefe32chore(deps): bump jackson.version from 2.18.1 to 2.18.26d5b60f67chore(deps): bump org.springframework.security:spring-security-oauth2-authorization-server360f63268chore(deps): bump docker/build-push-action from 6.9.0 to 6.10.075b9565a2chore(deps): bump org.apache.maven.plugins:maven-dependency-plugin8589b49b9chore(deps-dev): bump com.github.tomakehurst:wiremock-jre8b4362b73dchore(deps): bump org.apache.commons:commons-lang3 from 3.12.0 to 3.17.0c0f95baabchore(deps): Fix Maven warning for deprecation values067a3025echore(deps): bump org.apache.commons:commons-csv from 1.10.0 to 1.12.041da93540chore(deps): Move versions to supperpom2dfa4afdbchore(deps): bump org.keycloak:keycloak-core from 26.0.5 to 26.0.690c1a4724chore(deps): bump log4j2.version from 2.24.1 to 2.24.2a2beaa41echore(deps-dev): bump net.bytebuddy:byte-buddy from 1.10.18 to 1.15.10cca5c12a9chore(deps-dev): bump org.ow2.asm:asm-commons from 7.1 to 9.7.1ec4e041f6chore(deps): bump springframework.version from 6.1.14 to 6.2.0bb9225664chore(deps): bump org.apache.maven.plugins:maven-enforcer-pluginc4b75cf53chore(deps): bump com.google.guava:guava from 32.0.0-jre to 33.3.1-jrec3c75c7dfchore(deps): bump spring-security.version from 6.3.3 to 6.4.1bca5bc337chore(deps): bump github/codeql-action from 3.27.4 to 3.27.5df9bf4801chore(deps): bump actions/dependency-review-action from 4.4.0 to 4.5.0eaf13a8d6chore(deps): bump docker/metadata-action from 5.5.1 to 5.6.19bf808d70chore(deps): bump org.apache.maven.plugins:maven-failsafe-plugina11f1830fchore(deps): Update apache.commons-compress3658d3970chore(deps): bump org.apache.commons:commons-text from 1.10.0 to 1.12.06cd1da38bchore(deps): bump com.tngtech.jgiven:jgiven-maven-plugin36398cfbbUpdate security.md filece6aa331cCreate SECURITY.mda2a88dc79chore(deps): bump step-security/harden-runner from 2.10.1 to 2.10.212bd1bf81chore(deps): bump org.projectlombok:lombok from 1.18.34 to 1.18.364d336c6adchore(deps): bump jackson.version from 2.17.1 to 2.18.1cce753580chore(deps-dev): bump nl.jqno.equalsverifier:equalsverifier6098b6723chore(deps): bump com.github.package-url:packageurl-java40ec24f69chore(deps): bump tomcat froma09d4c1to2ade2b0965ac8dc2chore(deps): bump ubuntu from99c3519to278628f49c3e574fchore(deps): bump maven from440a97ato5a44dffa91c6249cchore(deps): bump httpcore5.version from 5.2.5 to 5.3.1f2b202b7achore(docs): update the KeyCloak doc for 26.0.58f9492422chore(deps): bump keycloak.version from 25.0.6 to 26.0.56239843efchore(deps): Adjust Maven dependency declarations9fa14d2e3chore: Remove pre-commit checkstyl...
sw360-19.0.0
sw360-19.0.0
This tag covers many corrections, bug fixes and features after the 18.1 release. Version 19.0.0 is also the first release without the Front-end integrated, but as a separate sw360-frontend project.
Major changes in the release includes:
- Removal of Liferay and related libraries, OSGi framework
- Unification of various backend packages from src and svd
- Support for Java 21 and Apache Tomcat 11.0.0
- Replace couchdb-lucene with couchdb-nouveau
Credits
The following GitHub users have contributed to the source code since the last release (in alphabetical order):
> afsahsyeda <[email protected]>
> Akshit Joshi <[email protected]>
> Gaurav Mishra <[email protected]>
> Helio Chissini de Castro <[email protected]>
> hoangnt2 <[email protected]>
> Keerthi B L <[email protected]>
> Nikesh Kumar <[email protected]>
> Rudra Chopra <[email protected]>
> Sameed <[email protected]>
> Smruti Prakash Sahoo <[email protected]>
> tuannn2 <[email protected]>
Please note that also many other persons usually contribute to the project with reviews, testing, documentations, conversations or presentations.
Features
c167bcca9feat(rest): Endpoint to add comment on a clearing requestcd97b6154feat(rest): Create new endpoint for schedule CVE and schedule attachment deletion.00d70bcc5feat(rest): get releases used by vendor31b720b9efeat(rest) : Rest end point for generate source code bundle062a89290feat(rest): saveUsages in project page9751a2e1afeat(Project): Add new endpoint for project's license clearing tree view (New GUI)546d35b73feat(Project): Import SPDX as dependency networka18b053f5feat(rest): Create new endpoint to download component template in csv format.144ea5b81feat(rest) : Move GenerateLicenseInfoFile rest end point to SW360reportcontroller61ec9ac39feat(REST): Exclude release version from license info295f1cbfffeat(rest): fetch group list in project add and edit page.e9ec8d8a7feat: Make Java 21 defaultcb99fc678feat(ImportSBOM):Change naming convention of imported components441fa7d85feat(Project): Create new endpoint to serve list view of dependency network (New GUI)7b4c534e3feat(cloudant): use IBM SDK09586fad6feat(ektorp): remove ektorp from search handlersaf0262112feat(lucene): nouveau integrationa019b468bfeat(keycloak-spis): Added the custom keycloak SPIs3c453670dfeat(couchdb): Enable use of latest CouchDB with nouveau8fdd93c86feat(rest): endpoint to update a vendor.bff430140feat: Add CODEOWNERS to the repository90ad3ea1cfeat(rest): Add additional fields in get clearingrequest endpoints.771b965b2feat(ComponentPortletandImportCDX): Validate VCS URL and sanitize GitHub Repo URLs during CDX import99d0c80edfeat(api): postpone moderation request actionaf15a09e3feat(rest): includeAllAttachments parameter in licenseInfo endpoint66cac90c6feat(CycloneDX): Make methods compatible with cyclonedx upgrade and update jackson version9a15832c0feat(rest): Endpoint to get comments of a Clearing Request.ffbf1b183feat(project): endpoint for vulnerabilitySummary page.0d6908ab2feat(project): Add necessary library dependencies required by rest codeacb1e54eafeat(vscode): Add base Eclipse java formatter config filea29d5b0c2feat: Generate provenance and SBOMs on Docker images8b6aa42cffeat(docs): Remove old asciidocs supportfd0546244feat: Update to Ubuntu 24.04 (Noble)8f971f765feat(rest): new endpoint for releases of linked projects.5bd4cae83feat(obligation): rest endpoint to update license obligations of the project.3c40f09f2feat(License): Add API Listing LicenseType and Add pageble for licenses, obligations204ce2f02feat: Add scorecard
Corrections
9452b2b89fix(cloudant): fix attachment creation5bdef6d51fix(pom): fixed the java version in kc module pom.xml48e0f6c8cfix(ImportCDX): VCS sanitization failing on characters like colondc18109b8fix(Project): Fix project handler test with dependency network feature5702dc595fix(clearingState): making fossology report download configurable.3f10b6856fix(build): add the missing excludeReleaseVersion69fcc6c9ffix(servlet): complete migration javax to jakarta3cad1c4aafix(UI): Add lang attribute to ReadmeOSS.html for generated license info.77b801825fix(keycloak-spi): Added the README.mde43c3422afix(nouveau): fix nouveau query result442ac94c7fix(test): fix test cases with cloudant SDK41e3d4605fix(nouveau): extend nouveau connector as cloudantcbcffd979fix(cloudant): fix query buildersced70a0e4fix(cloudant): fix views57f5b6908fix(REST): Patch Release is causing the clearing state to be updated to NEW even if a Clearing is existing5c4810a56fix(backend): fix dependency for backend coref0719b97afix(rest): Resolved null value returning for svm tracking status.fe05d9f29fix(rest): Update search API to return 200 status with empty results array when no match foundb0c11a1fbfix(GenerateLicenseInfo): Generate License Info failing for releases having the same CLXd6f630021fix(rest): Ensure visibility field is case-insensitive6a1408f50fix(doc): fix OpenAPI doc for Search endpoint83796a935fix(rest): add requestClosedOn field in get clearingRequest_by_id endpoint45a8137f3fix: Update docker documentation to reflect current status9dc2d6835fix(rest): Enable back authorization and resource server with up to dat springbootc493d83bffix(couchdb): Move setup data for single file and update compose to use as read onlyc15e36cd8fix(docker): Use Tomcat with Ubuntu 24.04 (Noble)d655adc64fix(rest): Add null check for linkedProject field if it is empty77bdbf7f6fix(rest): Add null check for linkedProject field to prevent Internal Server Error on GET request to fetch the linked projects of a project5943127c6fix(rest): Add code to update user details when creating a moderation request.9777923f8fix(docker): Reinstate docker builds0265205b0fix(docker): Update docker build to fit Ubuntu Noble and improved caching293e025cffix(rest): Added JWT token convert to fix the issue with authorities540f9baf1fix(rest): Added the Oidc user info customizer and token customizer1fb7bcf97fix(rest): Add null check for linkedProject field to prevent Internal Server Error on GET request to fetch the linked projects of a project3f6ae983bfix(importCDX):Improve error message when PURL is invalid3dfbb5538fix(rest): Fix internal server error with 500 status code for link project to projects endpointf0e149422fix(rest): Fixing pagination for endpoint '/packages'.0d88cacc7fix(rest) : Non uniform link format in attachmentUsage end pointfea2d4edafix(rest): Fixed the swagger issue01218278dfix(backend) : Product clearing report generated has strange numbering issue fixda95be6e7fix(rest): Added modifiedBy field in get package_by_id endpoint.82ad83e70Revert "fix(rest): Fixed the swagger issue"cc38d07dffix(rest): Fixed the swagger issue51fabdfc2fix(rest):Added code to resolve the server error while fetching a summaryAdministraion endpoint.b262c4c82fix(rest): Fixing the rest test cases308ce540bfix(rest): Added a missed field in package endpoint for allDetails.8f0560c04fix: Only publish test report on failuresf48e6d27bfix: Thrift cache locationb69720c91fix: Update thrift build to fix github caching89f47fe05fix(test): Proper build tests now without jump folders4dd4f8aa7fix: Remove wrong placed copyrights on commit templatef8dcd79f2fix(test): Disable rest test to avoid chicken and egg integration7ce112133fix(github): restore pull_request_template.md
Infrastructure
4e883a5a1chore(deps): bump org.springframework:spring-context7dd44a5fdchore: Add maven validation on buildd086e9a71chore(deps): bump org.keycloak:keycloak-core2d90a9a00chore(deps): bump org.keycloak:keycloak-corebfd296052chore(maven): deploy keycloak listenersc71b0d5c4chore(maven): segregate war and jar deploy dirsd9b3edf25chore: Add Tomcat 11 default for Docker872c74ef1chore(nouveau): catch exception for nouveau query824504564chore(docker): update compose with dockerhub image3fc2e0976chore(couchdb-lucene): remove third-party/couchdb-lucene111a0fe88chore(refactor): Refactored the models by adding Lomboke3dccf3eechore: Reduce couchdb log level on docker composee3f3dab7echore: Update the license header checkfor CODEOWNERSaf056ef15chore: Properly set components servlet as war file27fddd182refactor: Use the correct thrift image56b63f065refactor: Remove dead code comments7b3fe9233chore: CouchDB setup can't be read only442970d4cchore: Add color coding for sw360 project30b6114f8refactor(backend): Adjust component test call9a09353afrefactor(backend): Disable ComponentImportTestUtilsa0369e0a3refactor(backend): Allow test properties be configurableb7d9941ddrefactor(backend): Fix licenseinfo test2f24d0b3echore: Disable logging on disk for couchdb and configure authorization serverbc759edb4refactor(backend): Restore webapps installa9cff25eachore: Fix version dependenciesa81fe91dcrefactor(backend): Remove invalid recursive add-build-configuration processa973a70f4refactor(backend): Disable usage of Handlers by importer2019328a3refactor(backend): Adjust dependencies for...
sw360-18.1.0-M1
sw360-18.1.0-M1
This tag includes important corrections and fixes following the 18.0 pre-release. It is also the final tag with Liferay, as SW360 will use the SW360-frontend project (https://github.com/eclipse-sw360/sw360-frontend) starting from the next release.
Migrations
For existing installations, a data migration is required with PR 1963. Please go to the readme file in scripts/migrations to see more information:
https://github.com/eclipse/sw360/blob/master/scripts/migrations/README.md
Note: For running the migrations scripts, you will need python and the couchdb package. Please note that you will need to change manually in the python file: the DRYRUN variable and the couchdb URL (if that is not on localhost or requires password or both).
SW360 18.1 Native Install Deployment
https://eclipse.dev/sw360/docs/deployment/legacy/nativeinstall/native-install-sw360-version-18.1.0/
Credits
The following github users have contributed to the source code since the last release (in alphabetical order):
> Afsah Syeda <[email protected]>
> Aftab, Farooq Fateh (ext) <[email protected]>
> Anupam Ghosh <[email protected]>
> Akshit Joshi <[email protected]>
> Eldrin <[email protected]>
> Gaurav Mishra <[email protected]>
> Helio Chissini de Castro <[email protected]>
> Jens Viebig <[email protected]>
> hoangnt2 <[email protected]>
> Keerthi B L <[email protected]>
> Nikesh kumar <[email protected]>
> rudra-superrr <[email protected]>
> sameed.ahmad <[email protected]>
> tuannn2 <[email protected]>
Please note that also many other persons usually contribute to the project with reviews, testing, documentations, conversations or presentations.
Features
4bfabe486feat(rest) : Remove mail-request parameter and read from config file96863d14cfeat(REST): Search package by purl and version684d90117feat(REST): Create clearing request for a project and move the preferred clearing date limit field out of Liferay"fe044d00feat(project): Added release field for licenseObligation get endpoint70837b27feat(rest): filter attachment usages in projectea94202bfeat(license): Update Whitelistaf155858feat(CR): Update clearing request state from AWAITING RESPONSE to PENDING INPUT2bd2b2fdfeat(vscode): Add workspace java settings8ceba8fbfeat(docker): Add test build using docker944a7164feat(rest): added pagination for vulnerability tracking status page.70391d07feat(rest): add license obligations to a project.4f65386ffeat(obligation): endpoint to list license obligation table data5fcb3533feat(rest) : endpoint to list license obligations from license database.240c73f3feat(CR): Create a new Clearing Request state Sanity Check to perform sanity check before accepting a project4bc56326Revert "feat(CR): Disable Clearing Request creation for the projects which have linked releases without SRC type attachment"71d3a470Feat(User): Create new endpoints to Create/Revoke/List rest api tokend4820efcfeat(Rest) : Download license clearing report end point.14fda713feat(api): new endpoint /mySubmissionscec7f4b7feat(docker): Improve output of check_image script.d7699485feat(docker): Revamp docker build setup2ddf76f0feat(user): Enable API user endpoint by default36a41ceffeat(Obligation): adding obligation type data in license obligation table.44219a39feat(rest) : Pagination for vulnerability tracking statusb925c0abRevert "feat(UI): enhanced date filter for open and closed clearing requests tab"a3038447feat(UI): enhanced date filter for open and closed clearing requests tab9f9a1ffa1feat(UI): Add an info button in the create CR pageb98d346a4feat(UI): Add clearing type column in closed clearing request tabb6aa50650feat(Project): - Extract license from all releases in dependency network when download license information of a project - Generate source code bundle from all releases in dependency network when download Generate source code bundle for a project49f5486fafeat(rest): endpoint to link sourceProject to list of projects.1ab14350bfeat(CR): Disable Clearing Request creation for the projects which have linked releases without SRC type attachmentbcd600c26feat(User): Add new endpoints to get/update requesting user profile3cb73c19ffeat(rest): Create new endpoint to unschedule all services.83a2b3a28feat(license): Listing obligations by license8a9c407e8feat(license): Fix Update License isChecked89a75f815feat(project): Update ghactions workflows deps849e10a0cfeat(obligation): Add api listing obligations by ObligationLevel3ec2cb129feat(rest) : Rest end point for releases by lucene search7ccba71d5feat(project): Setup Sonatype publishingc0fb731c4feat(license): Create API Export License141e24babfeat(Release):Upload Source Code Attachment to Releases through a Scheduled Servicec7c33c78ffeat(rest): adding pagination for listing vendors endpoint.c805ff90ffeat(rest) : Adding or Modifying fields to project summaryadminastration page6a89beabcfeat(Script): Delete MR's for a specific useradc862038feat(license): Create new api update license
Corrections
dfabecd2cfix(importCDX) : Fix package's linked release updation when an SBOM is imported3de514387fix(project): adding project owner field in project get endpoint.c31464972fix(api): throw 409 if last moderator219792b1fix(importCDX): Resolve incorrect package/release count in import summary6d9f3620fix(rest): Create a new endpoint for dataBaseSanitation.ae997be2fix(project): Update outdated Github actionscb02b200fix(sw360): changing mkdocs version0c9523fbfix(REST): Improve error message handling for CycloneDX sbom import using REST APIdf735e9bfix(Release): Updating the license overview in the summary pagee5ac9278fix(SRCUploadService): Source upload should work for release versions having alphanumeric charactersfa42d204fix(api): provide typeMasks name as Optional type6e36abbbfix(api): check project modifier before embedding3beff049fix(Project): Fix bug Expand Next Level and Collapse All button are hidden when click on sort icon5112980ffix(urlEncoding): url encoding.fe0a4408fix(Release): Add embedded other licenses in release responsed4a8be84fix(importCDX): Packages without VCS in SBOM having VCS in SW360 are not getting linked to project8af9bd5efix(importCDX): Add check for existing comps and package using case-insensitive comparison of vcs and purlee3ed068fix(Liferay): Fix bug cannot access oauth client page when import lar fileedc9320cfix(rest) : attachment usage type fix in response49be7428fix(importSBOM): Remove the invalid characters appearing in import summary message for invalid packages list5a726764fix(rest): create endpoint for search by userName using lucene search.ff068133fix(rest): Added releaseId in recentRelease and release mySubscription.87a14f7afix(Rest): Added status for mysubsciption in component.d28843c2fix(docker): Fix broken binaries context inclusion16475d70fix(rest) : create new endpoint for cleanup attachment.0950a2cafix(script): update modifiedBy/modifiedOn project fields.67696a9ffix(department): Division by zero caused by bad default value for interval9703661dfix(rest): Added primaryRole and secondaryDepartmentRoles fields for user endpoint.fba0d8e5fix(rest): Added modifiedBy field in project search by id.178813e5ffix(docker): Adjust local naming for docker imagesb55372562fix(thrift): Add proper version to build34765dd80fix(thrift): Follow link download stepef5cc0142fix(database): Restore reading environment database vars8aaf95734fix(UI) : Issue fix for vulnerability not displaying for projectc63023c4dfix(release): modify the externalId query parsing6a6cb33b5fix(docker): We have been using wrong Java version625ffcfa1fix(release): revert external id query parsing222879a9efix(rest): error handling when user dont have sufficient import permissiond619c5121fix(Table): Fix error of hiding attachment table content when clicking sortef83441dffix(moderator): show message when only moderator choose remove me option.590a2b3adfix(docker): Remove deletion that invalidate image2fe147f09fix(rest): create new enpoint to check server connection.47d14b158fix(script): Fix migration script not working with python30d535c386fix(config): Correct file number0f9d9b85afix(rest): create a new endpoint for fossology in admin tab.5b9f10921fix(script): Fix incorrect numbering for migration scripts0f9d31974fix(couchdb): Add config entry to disable couchdb cache451948a79fix(javadoc): Remove invalid link reference05c2445fafix(lib): Add meta information to enable publishb5f6cb469fix(importCDX): Update failed component creation error message6e1964a40fix(rest-fossology): applied changes for upload endpoint5a83fe2c9fix(RequestsPortlet): Unable to reopen CR, Open Components to display open releases, clearing progress to show percentage2fdd5f4c5fix(Rest): Allowing search for releases using externalIdsd9fce216fFix(package): Fix issues api for package - Cannot unlink orphan packages from the project - Cannot link a package to a release without any package - Handle message when package with same purl already exists02d84be81fix (rest) : rest api created for component search by lucene search
Infrastructure
e71c5e53fRevert "build(deps): bu...
sw360-18.0.0-M1
sw360-18.0.0-M1
This tag covers many corrections/bug after the 17.0 release and multiple new endpoints to support sw360 UI project.
Migrations
For existing installations, a data migration is required with PR 1963. Please go to the readme file in scripts/migrations to see more information:
https://github.com/eclipse/sw360/blob/master/scripts/migrations/README.md
For running the migrations scripts, you will need python and the couchdb package. Please note that you will need to change manually in the python file: the DRYRUN variable and the couchdb URL (if that is not on localhost or requires password or both).
Credits
The following github users have contributed to the source code since the last release (in alphabetical order):
> Abdul Kapti <[email protected]>
> afsahsyeda <[email protected]>
> Anupam Ghosh <[email protected]>
> Dinesh Ravi <[email protected]>
> Eldrin Sanctis <[email protected]>
> Gaurav Mishra <[email protected]>
> Helio Chissini de Castro <[email protected]>
> hoangnt2 <[email protected]>
> Keerthi B L <[email protected]>
> Kouki Hama <[email protected]>
> Le Tien <[email protected]>
> Muhammad Ali <[email protected]>
> Nguyen Nhu Tuan <[email protected]>
> Nikesh kumar <[email protected]>
> rudra-superrr <[email protected]>
> Shi Qiu <[email protected]>
> Smruti Prakash Sahoo <[email protected]>
> Tien Le <[email protected]>
> tuannn2 <[email protected]>
Please note that also many other persons usually contribute to the project with reviews, testing, documentations, conversations or presentations.
Features
e9a9f308bfeat(rest): Adding pagination for ecc info of releases for a project.c0db06a68feat(rest) : Adding pagination for listing users endpoint.acc553b14feat(rest): endpoint to get attachmentUsages for a project.bb0d01fd5feat(rest): endpoint to get license clearing count for a project.bc5ae7d1bfeat(rest) : Add enableSvm field in response to projects api130ed2585feat(importCDX): enhanced sw360 CDX importer754ba96a7feat(CreateCRandRequestsPortlet):Added new field Clearing Type for CR and Additional columns in Open CR tableb89bde7b9feat(Rest): Modifying the document for search endpointec750b824feat(bug) : Download release attachment fail issue fixf629a0d3ffeat(rest) : End point for export vendor spreadsheet930ef1d13feat(docker): Add option to specify cvesearch.host at build timef4febd954feat(release): Fix response api get single release with costDetails70141590cfeat(rest): API to get vulnerability tracking status03aaa6985feat(Rest): New endpoint allow load assessment summary information of release8c2e71b85feat(ui):enable to bulk delete component/releases for admin SW360266aeac3dfeat(REST): Add restricted project counter for component and release usedBy APIca0ef31f2feat(rest):Update API Create Release with Cost Detail1974005e2feat(ui): Added collapse and expand icon for all the tabs16dae1a4afeat(rest): API to get vulnerability tracking statusafe118d96feat(Rest): New endpoint allow load SPDX license info from attachment of release (ISR, CLX, CLI)a330fde1efeat(rest): Update release with attachment infoba6c743f5feat(ui) : Add changelogs for license pagesd369c73e3feat(rest): Update API create Release with Moderator, Contributor, CpeIdc9c37b94dfeat(rest): Update API create Release with LinkedReleased7b52f53efeat(rest): Add Information Vendor to response Get release detail4449e6017feat(liferay): Export private pages include package portlet7c57b8081feat(rest): Add information user change status attachment when edit component by APId25d35ce3feat(Project): New configuration make project and releases relationship more flexiblede4125bb4feat(debug): Add Tomcat manager to dockerfd13d1943feat(rest): listing license clearing info of a project.cc9291d68feat(CycloneDX): support CPE in import and export42f44107ffeat(rest): Update Component with attachmentd8c594628feat(REST): New endpoint to write SPDX license info into released356bc022feat(UI): Package Portlet Signed-off-by: akapti [email protected]6aa0b8d7efeat(rest) : asynchronous end point for report download4d4c863adfeat(RequestsPortlet): Added On Hold value for request status and Next/Last 15 days filterfd159f302feat(Components): Add a new field VCS/Repository URL for componentsbe9e5f5bbfeat(rest): New Endpoint create attachment34e2d9e77feat(Rest): Rest API allow to re-generate fossology reportf4432c98bfeat(rest):Adding new fields to get list of project vulnerabilityefbe761f5feat(ExportSpreadsheet): Add project and release ID to the exported excelb7740902bfeat(ProjectObligationsEdit): Save comment and status fields on edita7bc2969cfeat(rest):New end point for my componentsa4e7f6808feat(REST): New endpoint split components447143b8efeat(rest): To list linked projects of sub-projects.ed7f4e237feat(Department): New function for Department Management662a05977feat(rest): new endpoint merge component1bf157600feat(UI/REST): CycloneDX SBOM Importer & Exportere8f6e6b26feat(rest): update response API Get a single release57b02aa29feat(REST): Update response endpoint get attachments by release410184928feat(ECC):Added pagination to ECC release listb6d58b979feat(ui): add note filed in license pagef14f9b0e4feat(rest): update response API Listing usersc27a2fe35feat(rest): update response API Listing vendors9bd7869f4feat(update): update response api get single component90c59acb4feat(rest): modify moderation requests8e71c959cfeat(ci): Use actions java setup instead of standard packages037acd41bfeat(ci): Use actions java setup instead of standard packagesa7af308fafeat(ci): Update build and test to accept dispatch669d6f98bfeat(rest) : api to get count of projects1c4b223f8feat(update):update response api get attachment by componente6374e820feat(api): create new endpoint import bom for component462675325feat(api): create new endpoint update vulnerabilities of a release4dbc8705afeat(api): create new endpoint update vulnerabilities of a componentbc368f203feat(REST): Endpoint for Download Attachment Bundle of Release764a24c6cfeat(api): Endpoint get release overview by component391c006e6feat(REST): Endpoint for Download Attachment Bundle of Component96a032814feat(api): endpoint get vulnerabilities of a componentd10048956feat(rest): new endpoint/moderationrequeste682a50fafeat(spdx): Added support for pasring of SPDX-2.3 (ISR) generated via fossologyb7710e630feat(lucene): Modify pom to generate proper war from couchdb lucene53236b590feat(libs): Add couchdb-lucene as third party84e098774feat(project): Prepare to introduce thirdparty librariesc80f75908feat(rest):Components with all details Rest Api doc updatedb32e90154feat(REST):Endpoint for sbom import249f48f49feat(SPDX): Making new tab in component release pages for showing SPDX/SPDX Lite data #12409d566af03feat(rest):New end point for my components53c8d85dafeat(clearing): Improved cloud backend clearing2e0732a2bfeat(rest): Added basic username and password based authentication4f171a659feat(rest): optimize fetch project729207997feat(EditCR): Admin will be able to reassign/edit the Requesting User of CR56096f24afeat(ProjectUI):ExternalIds and Additional Data fields in Export Excel7b84b0e4ffeat(api): get vulnerabilities from relase by apiaafc95808feat(rest) : Update data without moderation request And This features' a configurable setting73ba7012dfeat(docker): Use main Maven docker imaged6555a370feat(rest): endpoint for linked projects.e20d7bf06feat(rest): new endpoint /releases/recentReleasesc5aea6f4efeat(rest): newendpoint /components/recentComponents.d707d7b53feat(rest): new endpoint/projects/myprojects0f95fd368feat(project): Added Email functionality for individual project spreadsheet exportff92cd956feat(ProjectUi): Enable Release with only one non-approved CLI for 'Adding License Infor To Release' and 'Displaying Obligations' (#1764)f5daadb6efeat(Search): Added restricted search (#1797)df0a6a123feat(ui): Add banner to broadcast messages (#1830)d4cd90f67feat(Project): Added Vulnerability Summary Tab in Projects.ca1da16fefeat(ProjectsUI):Changed Expand All To Expand Next Level and added alert messageb682060aefeat(Advance Search): Provided an 'Exact Match' checkbox in Advance Search that inserts (") around search keywordb0ccdc480feat(ci): Add thrift binary to cache95009d35ffeat(project): Add pre-commit and spotlesseabbb0053feat(svm): Publish SVM codes to Community
Corrections
5e48f83b2fix(importCDX): Remove view BY_VCS_LOWERCASE and BY_PURL_LOWERCASEe94d9c729fix(Moderation): Fix bug could not open Release and Component moderation request45b317d86fix(rest): adding additional fields to rest response for linked projects.4e329b464fix(license): Update Response api for single license and Add rest-docs api create licensed261f70e5fix(rest): Added new endpoint for LicenseType in admin tab41d735f9afix(package): Can't link project to package1debd1e2cfix(REST):Get Component failing for names with space521835e38fix(UI) : Added code to import the upload license in admin tabf748c7cbafix(package): Create package by API can't link releaseeb7efb3f9f...
sw360-17.0.0-M1
sw360-17.0.0-M1
This tag covers many corrections/bug fixes after the 16.0 release.
This release provides features, multiple bug fixes for release 16.0, for example, new REST endpoints, improved docker script and fixes related to liferay-7.4.3.18-ga18
Migrations
For existing installations, a data migration is required. Please go to the readme file in scripts/migrations to see more information:
https://github.com/eclipse/sw360/blob/master/scripts/migrations/README.md
For running the migrations scripts, you will need python and the couchdb package. Please note that you will need to change manually in the python file: the DRYRUN variable and the couchdb URL (if that is not on localhost or requires password or both).
Credits
The following github users have contributed to the source code since the last release (in alphabetical order):
Abdul Kapti <[email protected]>
afsahsyeda <[email protected]>
Anupam Ghosh <[email protected]>
dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Eldrin <[email protected]>
Gaurav Mishra <[email protected]>
Helio Chissini de Castro <[email protected]>
Jaideep Palit <[email protected]>
Kouki Hama <[email protected]>
Muhammad Ali <[email protected]>
Nikesh kumar <[email protected]>
rudra-superrr <[email protected]>
Smruti Prakash Sahoo <[email protected]>
tuannn2 <[email protected]>
Please note that also many other persons usually contribute to the project with reviews, testing, documentations, conversations or presentations.
Features
a20704c7update(lang): add chinese lang property filef9d23047feat(MailApi): enable control over trusting the email host3707569dfeat(rest): new param (allDetails) added in component call to get more details of component65011f18feat(UI): Applying sorting on release versions in drop down when inspecting a component.c8597b45feat(SPDX): Upgrade tools-java library to support SPDX 2.3 format684d3c6afeat(ProjectUI):License Info In the Spreadsheet Exported from Project License Clearing111d5876feat(RESTapi): created new endpoint for clearingrequest and modified existing endpoint payload8cb48cd8feat(AdminUI):Changed the title of the button in Edit Client modal to 'Update' from 'Edit' and set the validity to 'Days' by default in OauthCliente6a81fe0Feat (Vulnerability): Improve add/update/delete vulnerability APIs implement add/update/delete vulnerability by GUIe9b035f2feat(buildsystem): Rearrange dependencies and deploymentsb4c14975feat(CRUI):Change CR state 'On Hold' to 'Awaiting Response' & edit PreferredClearingDate35d9e021feat(docker): Move deps script outside docker builddb5176abfeat(deps): Update shared slim script to have a txt file with libraries4596f06dfeat(SPDX): Use new SPDX library (#1496)d6ba4c07feat(docker): Improve docker size and build time467edfbafeat(UI):Made the table header collapsable in wherever possible1550e909feature(ui) : select your group in Project page by grid3b4e36c7feat(search): allow searching for external ids27869c8afeat(ProjectUI): Load License info header text based on project group
Corrections
93363bd7fix(dependencies): Update okhttp and httpclient versions35ea249bFix(Vulnerability GUI): Fix bug cannot load vulnerability view pageb131a5bcfix(ProjectUI):Stale data displayed after using the Group filter in Project Advance Search2cd58b9fModified the check so that searchQuery is considered when submitSearch is empty01eecf3afix(ProjectUI): Changing Project group should update CR4ca47851fix(REST): Save otherLicenseIds while patching Release - 1735e97c8188fix(UI): Added new column in exprot spreadsheet in project tabae77534cFix(Obligation): Fix bug can not add/update Admin Obligation and import OSADL06b741b0fix(SPDX): import SPDX licenses with new SPDX library (tools-java 1.0.4)5d86c067fix(moderation_request): Added a check that if documentId is null then ignoreac308a5dupd(CI/CD): Build and test only during the PR.7da2858aupd(docker): Fix wrong branch42cce1a6upd(docker): Publish push to main commitsd0432233fix(script): Script to remove trailing and leading whitespaces from component names4f7fd085fix(ProjectUI): Multiple alerts when there are same linked projectsf6c22e52fix(PreferencesUI):Read Access has to be checked before Generating token920d1281fix(docker): Deploy libraries in correct place1564ab79upd(doc): Update docker documentation related to redirects5c9e7845upd(docker): Improve docker build and github actions7bcb75dbupd(docker): Improve github actions pipeline03e665ecfix(docker): add missing dependenciesb679b883fix(UI): Unresponsive UI & top align session message68f171f5fix(UI): Added code to show the project list in component tab8312a8e6fix(UI): Text field is blank while ExportSpread in licenses05b9c5f0fix(User): CountryId does not exists while creating user with new Organizatione0059eecupd(docker): Push sw360 docker image to registry429b6b73fix(UI): Default behaviour of write access checkbox restore5ffcda69fix(Project and Component UI): Formatting issues and the type of files that can be uploaded in Import SBOM MOdal are limited to rdf now-78332ea05feupd(buildsystem): Move away build-configuration8c09cfa1upd(deps): Update jackson versionsb7757326Fix(ProjectUI): Fix bug when editing obligations in a project.46e2b73dfix(CouchDbView): Improve couchdb view performance282298e0fix(Docs): Fixed REST and MkDocs generated issue9a1dcb48fix(ecc): Reset Ecc Fields when Component type is changed.a5ece957upd(sanitize): Remove lib prefix from datahandlerca8b2efc"fix(rest): Added code for to Update the REST-API documentation for Definition of Manufacturer on project level14103917fix(ComponentUI):HTML encoded character in Vendor field01448d74fix(scripts): Sanitize scripts13753dbfupd(ghactions): Fail fast with the license checker without setting a full blown systemb365744efix(bnd): Restore original bundle8682aa42fix(docker): Dependencies need to be deployedaa4b625eupd(docker): Move versions to separate file and update dep script9d3e9b3ffix(versions): Update commons lang to correct last version7ee69887fix(SBOM): Fixed Component type is not being set when components are created by importing SBOMdb359094fix(ecc): Script to change ECC status in Releasedaa15a90upd(thrift): Use only provided tarball to generate resources932987bcfix(maven): Update commons-logging to equal versionsd9f594ecfix(maven): Update commons-codec to equal versions41450708fix(liferay): Use unique versions for same dependencies5acd4ecbfix(maven): Use unique versions for same dependenciesde429b3fbug(docker): Fix share location of jar files5e0a30cdfix(ui): Fixed lar file to add missing widgets(Oauth Client & License Types)adb4f930fix(ecc): Script to cleanup ECC information in released0ead7d1fix(rest): Added component type tag in release apif0f308e4upd(maven): Update maven build infra2db4244ffix(UI): Do not copy specific external id while cloning releaseb8190e25fix(UI): Disable write access from UI9f5e1dddfix(CrUi): fix the critical CR creation issuea6f8fa65fix(ProjectUI): fixed Release filter bug in AttachmentUsage tab77e0ec1dfix(ui): Generate portlet X url inside portlet Y33908857fix(report): Nullpointer downloading reporte1dd21fcfix(jenkins): Update old eclipse jarsignerf35c6244fix(deps): Fixed wrong dependency download7ba948c4fix(docker): Fix double called shutdown scriptd2d8011fbug(docker): Fix invalid commited docker props9cddc708upd(Docker): Upgrade docker and versions for new Liferay3a0d8c38fix(AdminUI): Prevent license type duplication with case insensitive check17a82169fix(ui): cannot link Component with closed project6d0a20effix(REST): fixed release update issue for releases with invalid licenses
Infrastructure
a2b75597fix(doc) : update migration Readmeb7048928upd(README): Update with new informatione130c068chore(deps): bump spring-security-core in /frontend/sw360-portlet6b8c6e7dUpdate githubactions.yml8602a169WIPe7e9858fchores(liferay): updated liferay kernel and theme9e64374cchores(upgrade): Updated default country Id of liferayf19f0203chores(upgrade): Fixed the ui issues71145b2achores(upgrade): Updated default country Id of liferaya7fd29d7chores(upgrade): Fixed the ui issues822597c2Updated versions in bnd file according to Liferay 7.4.3.18 GA189efff9ffchores(upgrade): Upgrade Liferay to 7.4.3.18 GA1832bc4839chore(rel): Changing back to 16.1.0-SNAPSHOT
sw360-16.0.0-M1
sw360-16.0.0-M1
This tag covers many corrections/bug fixes after the 15.0 release.
This release provides features, muliple bug fixes for release 15.0, for example, new REST endpoints, new integration test suite.
Migrations
For existing installations, a data migration is required. Please go to the readme file in scripts/migrations to see more information:
https://github.com/eclipse/sw360/blob/master/scripts/migrations/README.md
For running the migrations scripts, you will need python and the couchdb package. Please note that you will need to change manually in the python file: the DRYRUN variable and the couchdb URL (if that is not on localhost or requires password or both).
Credits
The following github users have contributed to the source code since the last release (in alphabetical order):
Abdul Kapti <[email protected]>
Alberto Pianon <[email protected]>
Anupam Ghosh <[email protected]>
dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Helio Chissini de Castro <[email protected]>
hoangnt2 <[email protected]>
Jaideep Palit <[email protected]>
Kouki Hama <[email protected]>
Pham Van Hieu <[email protected]>
Smruti Prakash Sahoo <[email protected]>
Tran Vu Quan <[email protected]>
tuan99123 <[email protected]>
Please note that also many other persons usually contribute to the project with reviews, testing, documentations, conversations or presentations.
Features
1f6db6dbupd(mockito): Update the deprecated old mockito-all to mockito-core29d019b6feat(ui): Ability to filter for active users0d0de03cfeat(ReleaseUi):Display AssessmentSummary info from CLi in Release details page709a5ec9feat(UI): ModifiedOn & MOdifiedBy fields for Project/COmponent/Release73fe7e68feat(export): Enable mailing for exported spreadsheet for componentsbbc37a93feat(ProjectUI): added filter for linked release/projects tablea9053df2feat(ProjectUI): AttachmentUsages - Added option to filter for releases without source attachmentsf7aebb1efeat(rest): Add upload description to trigger fossology process26226fbbfeat(exportExcel): Send an email to user with download link once export completed860e420dfeat(exportExcel): Generate and save excel to file system, Download generated file with token07b54e93feat(UI): Display Licenses from Scanner findings in ISR attachments9511adb7feat(obligation): add function Edit/Duplicate/Changelog for Obligation830f463afeat(ui) : Strengthen sw360 admin privileges about Read and Write7dd31343feat(compose): Common network adn Fossology decoupling5974152ffeat(ProjectUI): Disabled CR based on project Group0f2e4c14feat(rest): Get Project Vulnerability by external id and release id3dfe2bbcfeat(projectUi): Update some fields in a Project in closed state440a6fdafeat(docker): Overhaul SW360 docker0dc962d0feat(script): Addition to update project field starting with some valuee5516c21feature(docker): Run sw360 as non-priv usercec73056feature(docker): Use volumes with tomcat33481c32feature(docker): Add fossology on the mix4036a822feat(project): Added vendor for project
Corrections
00271e79Fix (Component): Fix bug component list sorting3eb27362fix(closedproject): Fixed issue w.r.t. editing close project8911a4c4fix(project): Added write permissions for closed project1bef35d3update(ghactions): Improve gh actions processbcdfad6bupdate(docker): Docker to use latest Ubuntu LTS728acb20fix(export): Added missing ECC AL column and release vendor in project export8efc4871fix(rest): Added release main licenses in the response5f5bca8afix(ISR):Fixed source file not found in ISR & Total files count mismatchb4f0b870Fix (Release): Fixed vulnerability can't be deleted when it is linked with a deleted releasef8052466fix(UI): fix Some long sentence can't show property in License Obligation8ead75c3fix(ui): Display url, email, text of Additional Data for Component and Releasebafd477ffix(CR-UI): fixed the count mismatch in Open Components column of CR tablee776a969fix(excel-export): fixed project filter issue while exporting excelbcc2d89cfix(Obligation): Save Admin Level Obligation based on Obligation topic1bec6af2fix bug Invalid GitHub action #15199bc9b9bbFix(License): Fix bug one license cound add only 10 obligations4b7197b4Fix(REST): fix visibility of Project Rest APIaef08989fix(docker): Add better proxy documentation to docker-compose534ee6f7fix(ui): Fixed Obligation count in project viewcac1b13efix(thrift): Updated thrift configuration to adopt configurable max message size and max framesize2fab647btypo in the docker run command8d1ddfc3fix(compoent-visibility): Moderation request for clearing admind92ecacefix(ui) : modify translation for search function3792db20fix(ModerationRequestUI): Fixed project Moderation Request UI is not loading1c0dd050fix(Dockerfile): Make Dockerfile more consistenta8c2334efix(merge): Optimized code to check for write permission of release and components before starting to merge9bbb49bafix(modReq): Fixed moderation request for release with version overwrited1fd4307fix(ReleaseClearingState): ClearingState not changing to New from Scan Availablecbec94a4fix(api): Correct the ECC status when release is created by APIf0f9ff62fix(docker): Added missing license6fb1f415fix(docker): Add Document Library as volume to enable keep custom settingsfde1f460fix(docker): Add proper missing clucene configb719f989fix(docker): Add better proxy handling11e24172fix(docker): Get liferay from github releases6bddc2bffix(docker): Reduce first bootstrapping5df8eb4afix(docker): Update README_DOCKER.md0e917987fix(docker): Update documentation with CSS issuee1a21e07fix(docker): Update documentation with CSS issuecfe7e413fix(docker): Improve documentation and persist porta-ext.propertiese335c374fix(docker): README update and cert ignore for curlab23d0ccfix(docker): Thrift builds now under tmpfsff9409fdfix(docker): Improve build speed and build layers size5467abf9Update docker base using Eclipse Temurin681eb0c4fix(ui): Restrict visibility of each component/release like Project0b06f3eefix(ui): Fixed pagination of component list with search paramsf14298a4Fix search function with key is empty
Infrastructure
7332bec0chore(dependencies): spring vulnerbility - cve-2022-22970,cve-2022-229713efa3a56(chores): updated README.md and download_dependencies.sh files7541ec8dchore(deps): bump spring-security-core in /frontend/sw360-portleta17efda8chore(deps): bump gson from 2.8.6 to 2.8.918763b51chore(deps): bump jackson-databind from 2.11.3 to 2.12.6.12502b58d(chores): fix security vulnerabilitiesce57d9b5Update information about port redirectionea798093Update README_DOCKER with typos fixinga7a75336chore(rel): Changing back to 15.1.0-SNAPSHOT
sw360-15.0.0-M1
sw360-15.0.0-M1
This tag covers many corrections/bug fixes after the 14.0 release.
This release provides features, muliple bug fixes for release 14.0, for example, new REST endpoints, new integration test suite.
Credits
The following github users have contributed to the source code since the last release (in alphabetical order):
Anupam Ghosh <[email protected]>
dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Gaurav Mishra <[email protected]>
He, Albert <[email protected]>
Jaideep Palit <[email protected]>
ravi110336 <[email protected]>
Smruti Prakash Sahoo <[email protected]>
Please note that also many other persons usually contribute to the project with reviews, testing, documentations, conversations or presentations.
Features
9807d381feat(ui): Added new Clearing State and Attachment Type77f06a6efeat(ci): Remove dependency of commonsIO from clientbe212373feat(ci): Fixed Attachment test casesbf43f889feat(ci): Fixed Release test cases790c935ffeat(ci): Fixed component test cases32ae085ffeat(ci): Run Client Integration Test for rest api on DB77f49ec2feat(ui): Added new column for ECCN in ECC status tab of project details view8ed3c68dfeat(AttachmentTypeUI):Add a new attachment type Security Assessment.2e593adffeat(client): Added Java Client Apis for vulnerability endpoints.
Corrections
2b562699fix(ci): Fixed vulnerability IT testcases854c6453fix(release): Fixed mainline state is empty when creating a release by ui or restbe26f6cafix(ci): Fixed Project Client Testcasese06eb192fix(ci): Fixed License Testcases2261b62ffix(script): Fixed deployment status check after spring boot updat02ecfe6fFix default config not working issue30e404bdFix component list sorting errorf6337094fix(rest): Optimize rest api for get project by tag, type, group
Infrastructure
376d5b94chore(deps): bump log4j-core from 2.17.0 to 2.17.14fc46d41chore(deps): bump log4j-core from 2.16.0 to 2.17.0c386b4c6log4j version upgrade to 2.16.0(log4j-vulnerability)b8ebd682chore(rel): Changing back to 14.1.0-SNAPSHOT0368ae99chore(readme): Update release badge to latest
sw360-14.0.0-M1
sw360-14.0.0-M1
This tag covers many corrections/bug fixes after the 13.4 release.
This release provides features, muliple bug fixes for release 13.4, for example, new REST endpoints, new functions in the UI and changelog enable/disable from sw360.properties.
Migrations
For existing installations, a data migration is required. Please go to the readme file in scripts/migrations to see more information:
https://github.com/eclipse/sw360/blob/master/scripts/migrations/README.md
For running the migrations scripts, you will need python and the couchdb package. Please note that you will need to change manually in the python file: the DRYRUN variable and the couchdb URL (if that is not on localhost or requires password or both).
Credits
The following github users have contributed to the source code since the last release (in alphabetical order):
Abdul Kapti <[email protected]>
Anupam Ghosh <[email protected]>
Jaideep Palit <[email protected]>
Kouki Hama <[email protected]>
Michael C. Jaeger <[email protected]>
ravi110336 <[email protected]>
Shi Qiu <[email protected]>
Smruti Prakash Sahoo <[email protected]>
Tran Vu Quan <[email protected]>
Please note that also many other persons usually contribute to the project with reviews, testing, documentations, conversations or presentations.
Features
e1923ac3feat(UI): import OSADL obligation information and update screen of Adding new obligation2b6b9a9dfeat(UI): CLI file clean up assistant3702de56feat(rest): Added rest api to create duplicate of project8ff2748ffeat(RestAPI):Update the attachment status with the approver/rejecter Name and Group.e3d8122afeat(ProjectUI): Add new values to Obligation status3bab5e99feat(ui): Display,update vulnerability for linked projects in project details view8d1f96fffeat(log): Added output processing of the change loga873ad83feat(ReleaseUI): License to SourceFile Mapping533ace69feat(rest): Add Rest API for linking release to release
Corrections
ea72ce63fix(ui): Fixed redirect page from Release Edit page to Release Details pagece9d9550fix(changelog):Fixed the file permission issue for sw360 changelog.9ef38314fix(rest): Change base url of health api from /actuator to /843f1f8dfix(rest): Get component by name case insensitive96a59335fix(rest): Create duplicate project clearing state should always be open and not copiedfc1f1e39fix(sw360ChangeLog):Configure the sw360ChangeLog path.d27527d3fix(docker): Fixed cannot upload attachment more than 1 MB by Rest Api46e6eb18fix(views): Optimize views for components2e8a9cc8fix(views): Optimize views for releases21682a3afix(views): Optimize views to load large projects65719867fix(rest): Fixed hateoas link not showing correct protocol0ed91d75fix(ui): Links in ReadmeOss as HTMl are not rendered properlyedeb13d2fix(ui): fix the bug that attachments usages in project cannot show other line5bff785ffix(rest): Update project vulnerabilities0202f9dffix(rest): Fixed projects loading issue in REST62d8887bfix(UI):Component details not shown for the Security Admin Role.1db9afdafix(rest): Added new parameter luceneSearch to Get Project List Api, to get project list based on lucene search3305fc6bfix(Japanese) : Update and modify Japanese translations2f85cf70fix(projects): Fixed thrift timeout by optimizing projects loadingaa8574ebfix(upgradeVersion): Updated resource server properties for Spring 2.Xa0f1861bfix(upgrade version): fixed the test cases failure issue when generating the rest docs.033d912afix(upgradeVersion): Fixed Test case for authorization server with spring boot version upgrade * Refactored code and removed commented lines71bf74bcfix(upgradeVersion):Upgrade version.2e98d07dfix(RestAPI):500 Internal server error from releases API.eb6192bcfix(ui): Cleanup moderation request on deleting project/release/component57e08173fix(ui): Changes in External urls in Project are not registered in Moderation Request. Closed Moderation Request doesnot show Proposed changes8b5ffeccfix(Rest):make SW360 REST API Get Releases by Name Case-Insensitive.97a72951fix(DBTestsFail): Migrating databasetest.properties to couchdb-test.properties.6c3c51ecfix(log): Fix indentation issue in source code.4ab50904fix(MyProjectErrorMessage):update the error message in UI for the project which is not accessible.d2f22b80fix(ui): Fixed js error while merge component/release with null additional data9c4d2f0dfix(rest): Added exception processing for authorizationaf443442fix(script): add password and user in couchdb-lucene.ini318d0923fix(docker):Update couchdb3.1 ubuntu20.04 liferay7.3.4 postgresql125ec1df6afix(ci) added new files to license check script26dc7333fix(ui): Fixed create/update users with uppercase email or externaliddb1c1a97fix(ui): User should be able to edit group of project